Scribd
Upload
637 views

Privacy Protection Based Access Control Scheme in Cloud-Based

This document proposes a privacy protection based access control scheme for cloud-based services called PS-ACS. The scheme divides users into a personal domain (PSD) and public domain (PUD). In the PSD, it uses Key-Aggregate Encryption (KAE) to implement efficient read access permissions while ensuring privacy through an Improved Attribute-based Signature (IABS) for write permissions. In the PUD, Hierarchical Attribute-based Encryption (HABE) is used to avoid single points of failure and enable data sharing. Analysis shows PS-ACS provides secure and efficient access control and privacy protection for cloud data compared to other schemes.

Uploaded by

Hvsm Ashish
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
637 views

Privacy Protection Based Access Control Scheme in Cloud-Based

This document proposes a privacy protection based access control scheme for cloud-based services called PS-ACS. The scheme divides users into a personal domain (PSD) and public domain (PUD). In the PSD, it uses Key-Aggregate Encryption (KAE) to implement efficient read access permissions while ensuring privacy through an Improved Attribute-based Signature (IABS) for write permissions. In the PUD, Hierarchical Attribute-based Encryption (HABE) is used to avoid single points of failure and enable data sharing. Analysis shows PS-ACS provides secure and efficient access control and privacy protection for cloud data compared to other schemes.

Uploaded by

Hvsm Ashish
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 14

PRIVACY PROTECTION BASED

ACCESS CONTROL SCHEME IN


CLOUD-BASED SERVICES
ABSTRACT:
With the rapid development of the computer technology, cloud-based services have
become a hot topic. Cloud based services not only provide users with convenience, but
also bring many security issues. Therefore, the study of access control scheme to
protect users' privacy in cloud environment is of great significance. In this paper, we
present an access control system with privilege separation based on privacy protection
(PS-ACS). In the PS-ACS scheme, we divide the users into personal domain (PSD) and
public domain (PUD) logically. In the PSD, we set read and write access permissions for
users respectively. The Key-Aggregate Encryption (KAE) is exploited to implement the
read access permission which improves the access efficiency. A high degree of patient
privacy is guaranteed simultaneously by exploiting an Improved Attribute-based
Signature (IABS) which can determine the users’ write access.
ARCHITECTURE:
SYSTEM ANALYSIS

Existing System
Since the traditional access control strategy cannot effectively solve the security problems that
exist in data sharing. Data security issues brought by data sharing have seriously hindered the
development of cloud computing.
PROPOSED SYSTEM
The IABS scheme is employed to achieve the write permissions and the separation of
read and write permissions to protect the privacy of the user's identity. In the PUD, we use the HABE
scheme to avoid the issues of single point of failure and to achieve data sharing. Furthermore, the paper
analyzes the scheme from security and efficiency, and the simulation results are given. By comparing with
the MAH-ABE scheme, the proposed scheme shows the feasibility and superiority to protect the privacy
of data in cloud-based services.
SYSTEM SPECIFICATION

Hardware Requirements:

System : Pentium IV 3.4 GHz (Min)or Later versions.


Hard Disk : 40 GB.
Monitor : 14’ Colour Monitor.
Mouse : Optical Mouse.
Ram : 1 GB.(Min)
Software Requirements:

Operating system : Windows Family.


Coding Language : J2EE (JSP,Servlet,Java Bean)
Data Base : MY Sql Server.
IDE : Eclipse Juno
Web Server : Tomcat 6.0
USECASE DIAGRAM:

DSM
: View all files with decrypted
Register and Login,Select permission
browse file enc, upload with
private key
Provide decryption permission; View all user’s
file with decrypt permissions.

,Update File,Delete File

Data Owner Store all Owner and end user


registration details,View all
DATA View
SERVER
all your files. Files,View end users and Data
Providers

View all user’s private key


permission
View all Users with File
TRUSTED AUTHORITY USER Decryption permission

Register and Login,Search keyword


,Req private key permission from TA
View all Transactions
download file
View decrypt permission from
CSP
View PK Request user and
give permission

View all File Private keys


SEQUANCE DIAGRAM Sequence Diagram

Data Service
Data Owner Trusted authority DATA SERVER Manager Request
User

Register and login

Select browse file enc, upload with private key

Update File,Delete
File,View all your View all File
files Private keys

Req private key permission from TA

View PK Request user and give permission

Req private key


permission
View all files from CSP
with
decrypted
View
permission
decrypt
permission
from CSP

download req

response for download req

View all File Req,Provide response

Download the file

Download file response


SCREEN SHOTS:

home page
data service manager login
trusted authority login
cloud login
REFERENCES
 [1] S.Yu, C. Wang, K. Ren, “Achieving secure, scalable, and fine-grained data access control in cloud
computing,” Proc. IEEE INFOCOM, pp. 1-9, 2010.
 [2] J. Bethencourt, A. Sahai, B. Waters, “Ciphertext-policy attribute-based encryption,” Proc. Security
and Privacy, pp. 321-334, 2007.
 [3] J. Hur, D.K. Noh, “Attribute-based access control with efficient revocation in data outsourcing
systems,” IEEE Transactions on Parallel and Distributed Systems, vol. 22, no. 7 pp. 1214-1221, 2011.
 [4] A. Lewko, B. Waters, “Decentralizing attribute-Based encryption,” Proc. Advances in Cryptology-
EUROCRYPT, pp. 568-588, 2011.
 [5] M. Li, S.Yu,Y. Zheng, “Scalable and secure sharing of personal health records in cloud computing
using attribute-Based Encryption,” IEEE Transactions on Parallel and Distributed System, vol. 24, no. 1,
pp. 131- 143, 2013.
CONCLUSION

In this paper, we propose access control system (PS-ACS), which is privilege separation
based on privacy protection. Through the analysis of cloud environment and the
characteristics of the user, we divide the users into personal domain (PSD) and public
domain(PUD) logically. In the PSD, the KAE algorithm is applied to implement users
read access permissions and greatly improved efficiency. The IABS scheme is employed
to achieve the write permissions and the separation of read and write permissions to
protect the privacy of the user's identity. In the PUD, we use the HABE scheme to avoid
the issues of single point of failure and to achieve data sharing. Furthermore, the paper
analyzes the scheme from security and efficiency, and the simulation results are given. By
comparing with the MAH-ABE scheme, the proposed scheme shows the feasibility and
superiority to protect the privacy of data in cloud-based services.

You might also like